Slashdot Mirror


Using Snort Stealthily

jukal writes "Linux Journal has an article on using Snort as stealth sniffer, a stealth NDIS probe and stealth loger -- on a network interface with no IP address. 'Snort is a versatile and powerful tool for sniffing, intrusion detection and packet logging. Configuring it to run stealthily in sniffing mode or NIDS mode is easy; incorporating it into a stealth-logging solution is only slightly less so'"

1 of 148 comments (clear)

  1. Stealthy Snort by Anonymous Coward · · Score: -1, Flamebait

    So, folks are trying to make Snort do what just about every decent commercial NID sensor does. Now, if it can just achieve the same performance levels and keep state properly....